omniauth/omniauth-oauth2

Issues

• session being reset during the oauth dance, resulting in `csrf_detected` error

  #183 opened 3 months ago by davetron5000
  1

• Callback URI

  #180 opened 4 months ago by reiz
  3

• undefined method `bytesize' for Hash

  #89 opened 9 years ago by eignerchris
  2

• CVE-2020-36599 (Critical), CVE-2015-9284 (High)

  #178 opened 7 months ago by wimpog
  1

• Keeping Github Releases in sync with gem releases?

  #176 opened a year ago by epugh
  4

• Implementing omniauth strategy for authorization code grant

  #126 opened 6 years ago by BigMcLargeHuge
  3

• Coveralls check is failing

  #170 opened a year ago by BobbyMcWho
  0

• redirect_uri parameter given to authorization endpoint is not identical to the one given to the token endpoint

  #93 opened 9 years ago by mulka
  19

• NoMethodError (undefined method `expired?' for nil:NilClass)

  #160 opened 2 years ago by aarthi-mallow
  6

• CSRF Detected - When changing Subdomain to 'app' instead of 'www'

  #164 opened 2 years ago by chabdulbasit17
  1

• request.env['omniauth.origin'] always nil

  #137 opened 4 years ago by ramonpm
  1

• Refresh token is not read if expires_in or expires_at is not present

  #143 opened 3 years ago by fabioxgn
  5

• Error when no refresh_token is available

  #162 opened 2 years ago by espen
  1

• Duplicate redirect_uri in Callback phase

  #161 opened 2 years ago by dombarnes
  0

• I get the response that I need but its considered as authentication Failure

  #159 opened 2 years ago by laptopmutia
  7

• Invalid JWT token type (invalid_credentials: OAuth2::Error)

  #157 opened 2 years ago by dombarnes
  5

• omniauth: (google_login) Authentication failure! csrf_detected (only Safari)

  #155 opened 3 years ago by gingerlime
  16

• @agrobbin @sferik Could you review this, if you still have an interest in the issue?

  #154 opened 3 years ago by Noip1
  1

• Well, seems it's working now after I upgrade to the latest version. The state parameter can be parsed as I expect.

  #151 opened 3 years ago by Drblack101
  2

• state parameter change to hashing code.

  #150 opened 3 years ago by Drblack101
  2

• Possible issue with mirroring back the query params that were passed from authorization server

  #141 opened 3 years ago by menisy
  5

• How do I fix the Authentication failure! csrf_detected: OmniAuth::Strategies::OAuth2::CallbackError, csrf_detected | CSRF detected ?

  #140 opened 3 years ago by bigos
  4

• authorize url controller redirects using 302 instead of 307

  #139 opened 4 years ago by mildred
  0

• undefined method `expired?' for nil:NilClass

  #138 opened 4 years ago by kinitawowi
  2

• Version incompatibility with later versions of Faraday

  #121 opened 4 years ago by DriftingShadows
  2

• PKCE Support

  #130 opened 4 years ago by jessedoyle
  1

• http call and response leading to invalid_credentials error with familysearch strategy

  #102 opened 8 years ago by genlighten
  2

• Update omniauth from 1.9 for security reasons

  #127 opened 6 years ago by gchapim
  3

• Always provide refresh token, whether access token expires or not

  #122 opened 6 years ago by RKushnir
  0

• Custom Strategy - OmniAuth::NoSessionError

  #120 opened 7 years ago by tardoe
  0

• oauth2 dependency v2.0 and looking for additional maitainers

  #119 opened 7 years ago by joshRpowell
  0

• Got an error on `deep_symbolize` after authentication

  #118 opened 7 years ago by shioimm
  0

• Where Does The Subclass Go?

  #116 opened 7 years ago by perlmunger
  1

• After a successful login if I go back in browser I get CSRF detected error

  #95 opened 8 years ago by ristovskiv
  2

• Faraday::ConnectionFailed execution expired

  #106 opened 7 years ago
  3

• Support for gem is stopped

  #108 opened 7 years ago by ngoral
  1

• Find a better way to cooperate with 3rd party omniauth oauth2 provider gems

  #105 opened 8 years ago by urkle
  2

• 1.4.0 makes my rails app unable to sign in with facebook

  #81 opened 8 years ago by PikachuEXE
  41

• CSRF protection bypassed.

  #101 opened 8 years ago by ehsahil
  1

• Documentation fot Posting with the access token

  #104 opened 8 years ago by bsylvain
  1

• Support rails 5

  #99 opened 8 years ago by maximveksler
  2

• Redirect URI Required not Optional

  #98 opened 8 years ago by vpfaulkner
  0

• Compatibility with omniauth >=1.3?

  #87 opened 8 years ago by nikdavis
  2

• Invalid redirect_uri with load_balance. Force domain.

  #86 opened 9 years ago by renatocassino
  0

• handling invalid_grant errors

  #84 opened 9 years ago by rgarcia
  0

• Is there a way to change url param `client_id` -> 'app_id'?

  #80 opened 9 years ago by leecade
  0

• In production, authentication fails with no errors (possibly CSRF problem)

  #79 opened 9 years ago by snitko
  8

• Really weird CSRF issue...

  #78 opened 9 years ago by bill-transue
  0

• Add authorization header to get access token request

  #76 opened 9 years ago by mbajur
  1

• Removal of Faraday dependency breaks error handling

  #73 opened 10 years ago by stevenringo
  1